Audits
Settings
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Theme
Light
Dark
Auto
Help
Plugins
Overview
Plugins Pipeline
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Release Notes
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Links
Tenable Cloud
Tenable Community & Support
Tenable University
Settings
Theme
Light
Dark
Auto
Detections
Plugins
Overview
Plugins Pipeline
Release Notes
Newest
Updated
Search
Nessus Families
WAS Families
NNM Families
LCE Families
Tenable OT Security Families
About Plugin Families
Audits
Overview
Newest
Updated
Search Audit Files
Search Items
References
Authorities
Documentation
Download All Audit Files
Policies
Overview
Search
AWS Resources
Azure Resources
GCP Resources
Kubernetes Resources
Indicators
Overview
Search
Indicators of Attack
Indicators of Exposure
Analytics
CVEs
Overview
Newest
Search
Attack Path Techniques
Overview
Search
Audits
References
CCI
CCI-002420
CCI
CCI|CCI-002420
Title
The information system maintains the confidentiality and/or integrity of information during preparation for transmission.
Reference Item Details
Reference:
CCI - DISA Control Correlation Identifier
Category:
2013
Audit Items
View all Reference Audit Items
Name
Plugin
Audit Name
5.3.1 Ensure SSH is installed
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
5.3.2 Ensure SSH is running
Unix
CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG
AOSX-13-000035 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission.
Unix
DISA STIG Apple Mac OSX 10.13 v2r5
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - OpenSSH version
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD currently running
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
AOSX-14-000011 - The macOS system must implement DoD-approved encryption to protect the confidentiality and integrity of remote access sessions including transmitted data and data during preparation for transmission - SSHD service disabled
Unix
DISA STIG Apple Mac OSX 10.14 v2r6
APPL-11-000011 - The macOS system must disable the SSHD service.
Unix
DISA STIG Apple macOS 11 v1r7
APPL-11-000011 - The macOS system must disable the SSHD service.
Unix
DISA STIG Apple macOS 11 v1r5
APPL-12-000011 - The macOS system must disable the SSHD service.
Unix
DISA STIG Apple macOS 12 v1r7
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLEngine
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
AS24-W2-000890 - An Apache web server must maintain the confidentiality of controlled information during transmission through the use of an approved TLS version - SSLProtocol
Windows
DISA STIG Apache Server 2.4 Windows Site v2r1
Catalina - Enable SSH for Remote Access Sessions
Unix
NIST macOS Catalina v1.5.0 - All Profiles
DB2X-00-009100 - DB2 must maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG IBM DB2 v10.5 LUW v2r1 OS Linux
DB2X-00-009100 - DB2 must maintain the confidentiality and integrity of information during preparation for transmission.
Windows
DISA STIG IBM DB2 v10.5 LUW v2r1 OS Windows
DKER-EE-001050 - TCP socket binding for all Docker Engine - Enterprise nodes in a Universal Control Plane (UCP) cluster must be disabled.
Unix
DISA STIG Docker Enterprise 2.x Linux/Unix v2r1
EP11-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission.
Windows
EDB PostgreSQL Advanced Server v11 Windows OS Audit v2r2
EP11-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission.
PostgreSQLDB
EDB PostgreSQL Advanced Server v11 DB Audit v2r2
ESXI-70-000074 - The ESXi host must exclusively enable Transport Layer Security (TLS) 1.2 for all endpoints.
VMware
DISA STIG VMware vSphere 7.0 ESXi v1r2
IISW-SI-000249 - The IIS 8.5 website must maintain the confidentiality and integrity of information during preparation for transmission and during reception.
Windows
DISA IIS 8.5 Site v2r8
MADB-10-008900 - MariaDB must maintain the confidentiality and integrity of information during preparation for transmission.
MySQLDB
DISA MariaDB Enterprise 10.x v1r2 DB
MD3X-00-000760 - MongoDB must maintain the confidentiality and integrity of information during preparation for transmission - mode
Unix
DISA STIG MongoDB Enterprise Advanced 3.x v2r1 OS
MD4X-00-006000 - MongoDB must maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG MongoDB Enterprise Advanced 4.x v1r2 OS
MYS8-00-011300 - The MySQL Database Server 8.0 must maintain the confidentiality and integrity of information during preparation for transmission.
MySQLDB
DISA Oracle MySQL 8.0 v1r4 DB
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.CRYPTO_CHECKSUM_CLIENT
Windows
DISA STIG Oracle 11.2g v2r3 Windows
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.CRYPTO_CHECKSUM_CLIENT
Unix
DISA STIG Oracle 11.2g v2r3 Linux
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.CRYPTO_CHECKSUM_SERVER
Windows
DISA STIG Oracle 11.2g v2r3 Windows
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.ENCRYPTION_TYPES_CLIENT
Windows
DISA STIG Oracle 11.2g v2r3 Windows
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.ENCRYPTION_TYPES_CLIENT
Unix
DISA STIG Oracle 11.2g v2r3 Linux
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.ENCRYPTION_TYPES_SERVER
Windows
DISA STIG Oracle 11.2g v2r3 Windows
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures - SQLNET.ENCRYPTION_TYPES_SERVER
Unix
DISA STIG Oracle 11.2g v2r3 Linux
O112-C1-019700 - The DBMS must employ cryptographic mechanisms preventing the unauthorized disclosure of information during transmission unless the transmitted data is otherwise protected by alternative physical measures.
Unix
DISA STIG Oracle 11.2g v2r3 Linux
OH12-1X-000324 - OHS must have the LoadModule ossl_module directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000325 - OHS must have the SSLFIPS directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000326 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during preparation for transmission - SSLEngine
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000326 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during preparation for transmission - SSLProtocol
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000326 - OHS must have the SSLEngine, SSLProtocol, and SSLWallet directives enabled and configured to maintain the confidentiality and integrity of information during preparation for transmission - SSLWallet
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000327 - OHS must have the SSLCipherSuite directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000328 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the SecureProxy directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000329 - If using the WebLogic Web Server Proxy Plugin and configuring end-to-end SSL, OHS must have the WLSSLWallet directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OH12-1X-000330 - If using the WebLogic Web Server Proxy Plugin and configuring SSL termination at OHS, OHS must have the WLSProxySSL directive enabled to maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG Oracle HTTP Server 12.1.3 v2r2
OL07-00-040300 - The Oracle Linux operating system must be configured so that all networked systems have SSH installed.
Unix
DISA Oracle Linux 7 STIG v2r12
OL08-00-040159 - All OL 8 networked systems must have SSH installed.
Unix
DISA Oracle Linux 8 STIG v1r7
OL08-00-040160 - All OL 8 networked systems must have and implement SSH to protect the confidentiality and integrity of transmitted and received information, as well as information during preparation for transmission.
Unix
DISA Oracle Linux 8 STIG v1r7
PGS9-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission.
Unix
DISA STIG PostgreSQL 9.x on RHEL OS v2r3
PGS9-00-007200 - PostgreSQL must maintain the confidentiality and integrity of information during preparation for transmission.
PostgreSQLDB
DISA STIG PostgreSQL 9.x on RHEL DB v2r3
PHTN-30-000026 - The Photon operating system must use an OpenSSH server version that does not support protocol 1.
Unix
DISA STIG VMware vSphere 7.0 Photon OS v1r2
PHTN-67-000068 - The Photon operating system must use OpenSSH for remote maintenance sessions.
Unix
DISA STIG VMware vSphere 6.7 Photon OS v1r6
PPS9-00-009500 - The EDB Postgres Advanced Server must maintain the confidentiality and integrity of information during preparation for transmission.
Unix
EDB PostgreSQL Advanced Server OS Linux Audit v2r2
RHEL-07-040300 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems have SSH installed.
Unix
DISA Red Hat Enterprise Linux 7 STIG v3r12
RHEL-07-040310 - The Red Hat Enterprise Linux operating system must be configured so that all networked systems use SSH for confidentiality and integrity of transmitted and received information as well as information during preparation for transmission.
Unix
DISA Red Hat Enterprise Linux 7 STIG v3r12
